1.3 Auth & Teams

A single Concourse installation can accomodate many projects and users.

Pipelines, builds, and all other user data are owned by teams. A team is just a conceptual owner and a separate namespace, tied to an authorization config. For example, a team may authorize all members of the concourse GitHub organization to be a member.

When a user authenticates, each team's authorization config is checked against the user to determine which role, if any, to grant for the team. This information is then stored in the user's token to determine access control for future requests.